Software-Defined Wide Area Network (SD-WAN)
The Platform to Deliver
What is it
Software-Defined Wide Area Networks (SD-WAN) exemplify the innovative capabilities of Software-Defined Networking (SDN) technologies, marking a paradigm shift in creating cloud-optimized networks. By integrating a layer of intelligence, SD-WAN transcends traditional network architectures, offering unmatched agility, flexibility, cost-efficiency, and performance—qualities essential for modern applications.
SD-WAN empowers enterprises to move beyond the constraints of device-centric and circuit-centric frameworks, embracing a network-wide overlay that abstracts from the underlying hardware. This forward-thinking network architecture lays the groundwork for a versatile infrastructure, adept at supporting a hybrid workforce. It enables businesses to seamlessly manage network traffic, optimize application performance, and enhance security across diverse locations and cloud environments, thereby aligning network functionality with the evolving demands of today’s digital landscape.
How it works
SD-WAN is closely associated with the internet and offers enterprises a new way of building their wide area networks. With SD-WAN, enterprises can replace traditional routers with a virtual overlay network by installing an SD-WAN edge device at each branch location. This SD-WAN device serves as a connection point for multiple physical WAN links of any sort to carry business traffic without the need for complex configuration and network engineering.
In an SD-WAN, all edge devices are connected to a central software platform, commonly referred to as an orchestrator. From here, enterprises can manage, configure and push out policies instead of relying on onsite engineers. Additionally, SD-WAN enables intelligent traffic steering and prioritization based on the detection of anomalies and performance deviations.
Offering several benefits to enterprise networks, SD-WAN is a compelling alternative to traditional architectures like MPLS.
- Due to the use of low-cost internet circuits across the network
- Through a central orchestrator that can instruct devices at each site how to behave or what configurations to run
- Simplified and Secure Connectivity: Over any (and all) transport layers in the network
- The Ability to Scale with the Business: Add new sites and more users to meet the changing demands of the business without impacting performance or end-users
- Improved Insights and Visibility: With better reporting analytics and capabilities
- Increased Network Performance: With centralized communication and control being pushed to each site, intelligent traffic steering and prioritization can occur
Coevolve has been helping businesses adopt telco-independent SD-WAN since 2014. Through an “over-the-top” model, our telco-independent SD-WAN offering enables flexibility in choosing various Internet Service Providers (ISPs), allowing for the ideal combination of connectivity providers at each level. This eliminates the reliance on a single provider and provides flexibility to access local and regional broadband providers, further aiding cost savings and performance.
This approach also eliminates a “one-size-fits-all” approach that often compromises the integrity of the SD-WAN solution by limiting the types of software, services, and capabilities accessible to the enterprise. In addition, telco-independent SD-WAN drastically reduces deployment lead times from months to weeks, without the need to wait for existing contracts to expire.
1. Business Case
Is your organization moving workloads to the cloud? Do you backhaul internet over MPLS? How are your sites accessing the internet? What are your traffic flows? Do you have an existing MPLS core network? How much are you spending on moves, adds, and changes per year? How much time and effort is invested in the WAN?
These and many more are key questions a successful business case will need to address in order to build a baseline against which any SD-WAN transformation can be compared. The good news is the process won’t take as long as you may think.
Coevolve has worked with clients all over the world and understands that over-complicating the business case can be counter-productive in the race to meet business expectations. A simple, methodical approach can be taken to produce baseline comparisons that demonstrate transformation will at the bare minimum support the existing needs while unlocking significant upside commercially, technically, and operationally.
2. Technical Considerations
SD-WAN can require a new mindset for network architecture, from the underlay circuits to the integration between the overlay and the existing WAN. Here are some technical considerations for the new WAN:
- Less focus on primary/backup circuits, more on a pool of connectivity: One of the major benefits of SD-WAN is the ability to extract better performance out of multiple circuits than each individual circuit can deliver. Traditional WANs focused on a high-quality primary circuit at each site, with backups in some cases. In an SD-WAN design, multiple low-cost circuits can be used instead. Think of each circuit as “disposable”, meaning the network is not dependent on any single circuit. This increases resilience, and can significantly reduce costs in the network
- Look at high availability options for resilient sites: Most SD-WAN solutions offer a range of high availability (HA) options, in physical and virtual environments. Hot standby HA solutions are most common, with a second device ready to take over from the first if it fails. More advanced solutions include a distributed HA architecture, with circuits connected to separate appliances and back-to-back connectivity between the appliances to use each circuit. Clustering can be another option to provide HA in addition to better horizontal scaling
- Leave forwarding decisions to the SD-WAN whenever possible: It’s tempting to use the policy-based features of an SD-WAN solution to carefully engineer traffic flows and steer specific applications over certain link types. However, in our experience it’s often better to leave these policies in an automatic mode, where the best path(s) will be selected in real time. In a traditional enterprise WAN, real-time traffic like voice or video would always be carried over MPLS; this isn’t necessarily the case in an SD-WAN with advanced telemetry
- Carefully consider routing protocol integration: As SD-WAN solutions have matured, their routing capabilities have improved significantly. Most major SD-WAN solutions support a range of routing protocols, including OSPF and BGP. This can facilitate the use of the SD-WAN edge as an MPLS CE, and integrate with existing networks at data centers. However, it’s important to consider how the underlay and overlay work together in a dynamic routing environment to avoid loops
3. Operational Model
SD-WAN architecture is just one part of the puzzle; how that network is going to be implemented and managed is another. With new models emerging, enterprises have the ability to pick a model best suited to their needs and resources. There are three distinct operational models: DIY, managed and co-managed. Enterprises are now leaning towards managed and co-managed models due to the increased complexity of, and pressure on, enterprise networks, which require more dynamic and specialized support.
4. Security and NFV
Security in SD-WAN solutions is a critical aspect, as the solution not only simplifies network connectivity across multiple locations but can also incorporate advanced security measures.
SD-WAN offers enhanced security by integrating seamlessly with cloud-based security services, providing centralized control over network traffic and policies. This integration allows for streamlined deployment of security updates and policies, ensuring consistent protection across the entire network.
Additionally, SD-WAN can leverage Network Functions Virtualization (NFV) to run virtual firewalls directly at the network edge. This approach localizes security measures, enabling real-time threat detection and response at each network entry point. By combining the flexibility of SD-WAN with cloud-based security and edge-based NFV firewalls, organizations can achieve a robust, scalable, and highly secure network infrastructure, well-suited for the dynamic demands of modern digital environments.